<?php session_start();?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title></title>
</head>
<body>
<script LANGUAGE="javascript">
function redirectPageComplete()
{	
	alert("บันทึกข้อมูลส่วนตัวสำเร็จ");
	location = "../../info.php";
}

function redirectPageIncomplete()
{
	alert("เกิดข้อผิดพลาดในการเพิ่มข้อมูล");
	location = "../../info.php";
}

function redirectPassIncorrect()
{
	alert("รหัสผ่านเดิมไม่ถูกต้อง");
	location = "../../info.php";
	
}

<?php
include '../../../inc/reuse/dbconfig.php';

$id= $_SESSION['uid'];
$prename = $_POST['webmaster_prename'];;
$firstname = $_POST['webmaster_firstname'];;
$lastname = $_POST['webmaster_lastname'];
$username = $_POST['webmaster_username'];
$password = "";
$oldPassword = $_POST['webmaster_oldpassword'];
$newPassword = md5($_POST['webmaster_newpassword']);
$canEdit= false;
$modifier = $id;
$modified_datetime = date("YmdHis"); //เก็บวันเดือนปีและเวลาด้วย function date

if($_POST['webmaster_password'] == "")
{
	$newPassword = md5("smileplus");//$oldPassword;
	$canEdit = true;
}
else
{
	$password = md5($_POST['webmaster_password']);
	if($password == $oldPassword)
	{
		$canEdit  = true;
	}	
}

if(isset($id)){
	if($canEdit){
		$sql = "UPDATE webmaster
							SET webmaster_prename = '$prename',
							webmaster_firstname = '$firstname',			
							webmaster_lastname = '$lastname',
							webmaster_username = '$username',
							webmaster_password = '$newPassword',
							modified_master_id = '$modifier',
							modified_date_time = '$modified_datetime' 
							WHERE webmaster_id= $id";
		if(mysql_query($sql))
		{
			echo "redirectPageComplete();";
		}else
		{
			echo "redirectPageIncomplete();";
		}
	}
	else
	{
		echo "redirectPassIncorrect();";
	}

}
else
{
	echo "redirectPageIncomplete();";
}

mysql_close();
?>
</script>
</body>
</html>
